linux/net at f3fdd4fba16c74697d8bc730b82fb7c1eff7fab3 - linux - FoxGit

torvalds/linux

mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-03-22 07:27:12 +08:00

Files

History

Damodharam Ammepalli f3fdd4fba1 ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()

rpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct
size of rpl is sizeof(*rpl) which should be just 1 byte.  Using the
pointer size instead can cause stack corruption:

Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100
CPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G           OE      6.11.0 #24
Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
Hardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023
Workqueue: events module_flash_fw_work
Call Trace:
 <TASK>
 panic+0x339/0x360
 ? ethtool_cmis_wait_for_cond+0xf4/0x100
 ? __pfx_status_success+0x10/0x10
 ? __pfx_status_fail+0x10/0x10
 __stack_chk_fail+0x10/0x10
 ethtool_cmis_wait_for_cond+0xf4/0x100
 ethtool_cmis_cdb_execute_cmd+0x1fc/0x330
 ? __pfx_status_fail+0x10/0x10
 cmis_cdb_module_features_get+0x6d/0xd0
 ethtool_cmis_cdb_init+0x8a/0xd0
 ethtool_cmis_fw_update+0x46/0x1d0
 module_flash_fw_work+0x17/0xa0
 process_one_work+0x179/0x390
 worker_thread+0x239/0x340
 ? __pfx_worker_thread+0x10/0x10
 kthread+0xcc/0x100
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2d/0x50
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1a/0x30
 </TASK>

Fixes: a39c84d796 ("ethtool: cmis_cdb: Add a layer for supporting CDB commands")
Reviewed-by: Andy Gospodarek <andrew.gospodarek@broadcom.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Damodharam Ammepalli <damodharam.ammepalli@broadcom.com>
Signed-off-by: Michael Chan <michael.chan@broadcom.com>
Link: https://patch.msgid.link/20250409173312.733012-1-michael.chan@broadcom.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

2025-04-11 18:41:19 -07:00

..

ipv6: eliminate ndisc_ops_is_useropt()

2024-08-12 17:23:57 -07:00

9p: Use hashtable.h for hash_errmap

2025-03-23 06:20:48 +09:00

net: 802: LLC+SNAP OID:PID lookup on start of skb data

2025-01-04 08:06:24 -08:00

net: vlan: don't propagate flags on open

2025-03-20 09:57:37 +01:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

Merge tag 'crc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

2025-04-08 12:09:28 -07:00

Merge tag 'for-net-2025-04-10' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth

2025-04-11 16:34:04 -07:00

bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()

2025-01-29 08:51:51 -08:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

rtnetlink: Pack newlink() params into struct

2025-02-21 15:28:02 -08:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

lib/crc: remove CONFIG_LIBCRC32C

2025-04-04 11:31:42 -07:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

dcb: Use rtnl_register_many().

2024-10-15 18:52:26 -07:00

tcp/dccp: remove icsk->icsk_ack.timeout

2025-03-25 10:34:33 -07:00

devlink: fix xa_alloc_cyclic() error handling

2025-03-19 09:57:36 +00:00

…

net: move misc netdev_lock flavors to a separate header

2025-03-08 09:06:50 -08:00

…

ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()

2025-04-11 18:41:19 -07:00

module: Convert symbol namespace to string literal

2024-12-02 11:34:44 -08:00

net: hold instance lock during NETDEV_CHANGE

2025-04-07 11:13:39 -07:00

inet: frags: save a pair of atomic operations in reassembly

2025-03-18 13:18:36 +01:00

…

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

ipv6: add exception routes to GC list in rt6_insert_exception

2025-04-10 20:09:05 -07:00

s390: Convert MACHINE_IS_[LPAR|VM|KVM], etc, machine_is_[lpar|vm|kvm]()

2025-03-04 17:18:07 +01:00

kcm: replace call_rcu by kfree_rcu for simple kmem_cache_free callback

2024-10-15 10:50:21 -07:00

xfrm: Add support for per cpu xfrm state handling.

2024-10-29 11:56:00 +01:00

net: move misc netdev_lock flavors to a separate header

2025-03-08 09:06:50 -08:00

…

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

Merge tag 'wireless-2025-04-11' of https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless

2025-04-11 16:38:04 -07:00

mac802154: Switch to use hrtimer_setup()

2025-02-18 10:35:44 +01:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

percpu: use TYPEOF_UNQUAL() in variable declarations

2025-03-16 22:05:53 -07:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

net: corrections for security_secid_to_secctx returns

2025-01-04 22:11:22 -05:00

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-02-27 10:20:58 -08:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

…

Merge tag 'crc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

2025-04-08 12:09:28 -07:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

phonet: do not call synchronize_rcu() from phonet_route_del()

2024-11-07 20:34:16 -08:00

psample: adjust size if rate_as_probability is set

2024-12-18 19:23:04 -08:00

net: qrtr: Update packets cloning when broadcasting

2024-09-24 10:48:16 +02:00

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-02-27 10:20:58 -08:00

net: rfkill: gpio: allow booting in blocked state

2025-02-11 11:55:55 +01:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

net: add netdev_lock() / netdev_unlock() helpers

2025-01-15 19:13:33 -08:00

smc: Fix lockdep false-positive for IPPROTO_SMC.

2025-04-11 14:14:26 -07:00

strparser: Add read_sock callback

2025-01-29 13:32:08 -08:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

net: switchdev: Convert blocking notification chain to a raw one

2025-03-11 11:30:28 +01:00

Merge tag 'net-6.15-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-04-10 08:52:18 -07:00

net: tls: explicitly disallow disconnect

2025-04-08 11:38:49 +02:00

unix: fix up for "apparmor: add fine grained af_unix mediation"

2025-03-26 09:31:18 -07:00

vsock: avoid timeout during connect() if the socket is closing

2025-04-02 17:19:30 -07:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

xsk: Fix __xsk_generic_xmit() error code when cq is full

2025-04-02 21:55:43 -07:00

treewide: Switch/rename to timer_delete[_sync]()

2025-04-05 10:30:12 +02:00

compat.c

…

devres.c

…

Kconfig

netlink: spec: add shaper YAML spec

2024-10-10 08:30:21 -07:00

Kconfig.debug

rtnetlink: Add per-netns RTNL.

2024-10-08 15:16:59 +02:00

Makefile

netlink: spec: add shaper YAML spec

2024-10-10 08:30:21 -07:00

socket.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2025-03-26 09:32:10 -07:00

sysctl_net.c

sysctl: Remove check for sentinel element in ctl_table arrays

2024-06-13 10:50:52 +02:00